Null IPC$ sessions are a simplistic thing that are very easily over looked
with the general configuration of Window NT/2000/XP computers. If your
server is not protected with a firewall or some other type of security and a
NULL IPC$ connection can be made any user can gather a great deal of
information from your server.
Here is an example of some information gathered from my server with an
application that I created:
\\10.10.0.253

Relevant Pages

Re: Trapped with Security... Make certain that IPC$ is shared on the remote system and it should work. ... > I'm always remember to implement security for every new installed server,... Whether using Security Configuration...(microsoft.public.security)

Re: Ipc$ share hack... OS, version, Active Directory or not, any security... It's not to any hacker's advantage to turn off IPC$.... playing with securing the server.... > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...(Security-Basics)

Re: anonymous logon... It creates a "null" sessions to the target computer. ... you will see the ipc$ share if file and print sharing is enabled. ... >> security option in Local Security Policy for additional restrictions ... >> Baseline Security Analyzer on your server and the highly recommended ...(microsoft.public.win2000.security)

Re: << SBS News of the week - Sept 26 >>... > And he points to the info you need to put the file on the server in the ... > at the network perimeter.... The Symantec Firewall/VPN and the Gateway Security... An attacker can exploit these flaws in tandem via specially ...(microsoft.public.windows.server.sbs)